(Lame) Security Issue: Open-redirect in facebook_authorized route

Open KevinHock opened this issue 8 years ago • 0 comments

For more information, please see OWASP and StackOverflow

In https://github.com/mitsuhiko/flask-pastebin/blob/master/pastebin.py#L140

Vulnerability 4:
File: flask-pastebin/pastebin.py
 > User input at line 140, trigger word "get(": 
	next_url = request.args.get('next') or url_for('new_paste')
File: flask-pastebin/pastebin.py
 > reaches line 143, trigger word "redirect(": 
	¤call_2 = ret_redirect(next_url)

Vulnerability 5:
File: flask-pastebin/pastebin.py
 > User input at line 140, trigger word "get(": 
	next_url = request.args.get('next') or url_for('new_paste')
File: flask-pastebin/pastebin.py
 > reaches line 159, trigger word "redirect(": 
	¤call_10 = ret_redirect(next_url)

This issue was found with PyT

KevinHock, Nov 17 '17 00:11
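One way to validate the `next` parameter before it reaches `redirect()`, as an added example that is not part of the issue or of flask-pastebin's code. It uses only the standard library; `is_safe_redirect_target`, `pick_next_url` and the `paste.example` host are hypothetical names, and in the Flask route `host_url` would be `request.host_url`.

```python
from urllib.parse import urljoin, urlsplit


def is_safe_redirect_target(host_url, target):
    """True only if `target` stays on the scheme and host of `host_url`."""
    if not isinstance(target, str) or not target:
        return False
    # Browsers read "\" as "/" and drop tabs/newlines, so "/\host" or
    # "/<TAB>/host" can turn into "//host" after a naive check has passed.
    if "\\" in target or any(ord(c) <= 0x20 or ord(c) == 0x7F for c in target):
        return False
    # "//host" and "///host" are both resolved by browsers as a new authority.
    if target.startswith("//"):
        return False
    try:
        raw = urlsplit(target)
        base = urlsplit(host_url)
        resolved = urlsplit(urljoin(host_url, target))
    except ValueError:  # e.g. malformed IPv6 literal
        return False
    # "https:host" or "javascript:..." carry a scheme but no host: reject.
    if raw.scheme and not raw.netloc:
        return False
    return (resolved.scheme in ("http", "https")
            and (resolved.scheme, resolved.netloc) == (base.scheme, base.netloc))


def pick_next_url(next_param, host_url, fallback):
    """Checked stand-in for `request.args.get('next') or url_for('new_paste')`."""
    return next_param if is_safe_redirect_target(host_url, next_param) else fallback


# Constructed sample values (assumptions, not taken from the project).
HOST = "https://paste.example/"
FALLBACK = "/"
REJECTED = [
    "https://evil.example/", "//evil.example/", "///evil.example/",
    "/\\evil.example", "/\t/evil.example", "https:evil.example",
    "javascript:alert(1)", "http://paste.example/",
    "https://paste.example@evil.example/", "https://[evil",
]

if __name__ == "__main__":
    for value in ["/my-pastes/", "https://paste.example/show/1", None] + REJECTED:
        print(repr(value), "->", pick_next_url(value, HOST, FALLBACK))
```

The comparison is deliberately strict: a different scheme, port, userinfo or letter case in the host falls back to the default page.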